package com.yicheng.controller;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

public class WxService {
    private static final String TOKEN = "ycnb";

    public static boolean check(String timestamp, String nonce, String signature){

         //验证签名

         //1）将token、timestamp、nonce三个参数进行字典序排序
         String[] strs = new String[]{TOKEN,timestamp,nonce};
        Arrays.sort(strs);

         // 2）将三个参数字符串拼接成一个字符串进行sha1加密
        String str = strs[0]+strs[1]+strs[2];
        String mysig = sha1(str);


         // 3）开发者获得加密后的字符串可与 signature 对比，标识该请求来源于微信
        return mysig.equals(signature);

    }

    //加密
    private  static String sha1(String src){
        //获取加密对象
        try {
            MessageDigest md = MessageDigest.getInstance("sha1");
            //加密步骤
            byte[] digest = md.digest(src.getBytes());
            char[] chars = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
            StringBuilder sb = new StringBuilder();
            //处理加密结果
            for (byte b:digest){
                sb.append(chars[(b>>4)&15]);
                sb.append(chars[b&15]);
            }
//            System.out.println(sb.toString());
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        return null;
    }
}
